TOKENADM(8) - System Manager’s Manual #
TOKENADM(8) - System Manager’s Manual
NAME #
activadm, cryptoadm, snkadm - manage the ActivCard, CRYPTOCard and SNK-004 token databases
SYNOPSIS #
tokenadm [-1BDdEeRrT] [-m [-]mode] [user …]
DESCRIPTION #
The tokenadm utility displays and edits user entries in the various token databases. It may also be invoked as one the following: activadm, cryptoadm, or snkadm.
The options are as follows:
-1
Display users, one per line.
-B
Display users with no banner.
-D
Display disabled users.
-d
Disable users without removing them from the database. This prevents the users from authenticating, but does not lose their shared secret. The -m flag may also be used with the -d flag.
-E
Display enabled users.
-e
Enable users. This should be used to re-enable users who were disabled by the -d flag. The -m flag may also be used with the -e flag.
-m [-]mode
Add [or remove] the specified mode of authentication for the user. Modes available are decimal (dec), hexadecimal (hex), phonebook (phone), and reduced-input (rim). Not all modes are available for all types of cards. The -m flag may be used alone or in conjunction with either the -d or -e flags. Whenever reduced-input mode is set, the reduced-input state is reset. This should be done if a paper copy of challenge/responses had been produced and then misplaced.
-R
Display users in reverse order.
-r
Remove users from the database.
-T
Display users in terse format (only the user names). Unless -1 is also specified, four users will be displayed per line.
Use of any of the -1BDERT flags precludes the use of any of the -demr flags. The -demr flags all require at least one user argument.
SEE ALSO #
x99token(1), login.conf(5), login_token(8), tokeninit(8)
OpenBSD 7.5 - March 31, 2022